Computer related security breaches are becoming more common. Just a few examples are denial of service attacks, viruses, worms and hacking. In addition the consequences and costs of security breaches and attacks is ever increasing. However, simply providing a firewall machine alone is insufficient. It is just as important to protect the computer system from backdoor entry and misuse by authorised personal. Furthermore, even with security products in place such as firewalls and instrusion detection systems, antivirus software and the like, these systems generate vast logs of data in a variety of formats that is not useful for macro analysis and often results in after the fact detection. This makes real time intervention difficult or impossible.